utahezpay.com
198.74.62.52
Public Scan
Effective URL: https://utahezpay.com/free-rate-analysis-thank-you/
Submission: On July 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on June 10th 2024. Valid for: 3 months.
This is the only time utahezpay.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 3.33.251.168 | 16509 (AMAZON-02) |
1 26 | 198.74.62.52 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud) |
2 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
2 | 142.250.186.130 | 15169 (GOOGLE) |
1 | 130.211.32.235 | 396982 (GOOGLE-CLOUD-PLATFORM) |
2 | 35.230.100.254 | 396982 (GOOGLE-CLOUD-PLATFORM) |
7 | 192.0.77.48 | 2635 (AUTOMATTIC) |
1 2 | 52.49.131.125 | 16509 (AMAZON-02) |
1 | 34.249.178.183 | 16509 (AMAZON-02) |
42 | 9 | |
ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.freerateanalysis.com |
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 198-74-62-52.ip.linodeusercontent.com
utahezpay.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pubads.g.doubleclick.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 235.32.211.130.bc.googleusercontent.com
static.rubyblu.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 254.100.230.35.bc.googleusercontent.com
region-filter.rubyblu.com | |
api.rubyblu.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-131-125.eu-west-1.compute.amazonaws.com
match.prod.bidr.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-178-183.eu-west-1.compute.amazonaws.com
cnv.event.prod.bidr.io |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
26 | utahezpay.com (1 redirects) | utahezpay.com | 480 KB |
7 | w.org | s.w.org — Cisco Umbrella Rank: 3961 | 6 KB |
3 | bidr.io (1 redirects) | match.prod.bidr.io — Cisco Umbrella Rank: 668; cnv.event.prod.bidr.io — Cisco Umbrella Rank: 17447 | 995 B |
3 | rubyblu.com | static.rubyblu.com — Cisco Umbrella Rank: 90051; region-filter.rubyblu.com — Cisco Umbrella Rank: 111985; api.rubyblu.com — Cisco Umbrella Rank: 131993 | 8 KB |
2 | doubleclick.net | pubads.g.doubleclick.net — Cisco Umbrella Rank: 431 | 126 B |
2 | consolto.com | client.consolto.com — Cisco Umbrella Rank: 994272 | 3 KB |
1 | freerateanalysis.com (1 redirects) | www.freerateanalysis.com | 178 B |
42 | 7 | | |
 | Domain | Requested by |
---|---|---|
26 | utahezpay.com | 1 redirects; utahezpay.com |
7 | s.w.org | utahezpay.com |
2 | match.prod.bidr.io | 1 redirects; utahezpay.com |
2 | pubads.g.doubleclick.net | utahezpay.com |
2 | client.consolto.com | utahezpay.com; client.consolto.com |
1 | cnv.event.prod.bidr.io | utahezpay.com |
1 | api.rubyblu.com | static.rubyblu.com |
1 | region-filter.rubyblu.com | static.rubyblu.com |
1 | static.rubyblu.com | utahezpay.com |
1 | www.freerateanalysis.com | 1 redirects |
42 | 10 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bbb.org |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
utahezpay.com | R10 | 2024-06-10 - 2024-09-08 | 3 months | crt.sh |
consolto.com | GTS CA 1P5 | 2024-05-06 - 2024-08-04 | 3 months | crt.sh |
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months | crt.sh |
ads.rubyblu.com | GTS CA 1D4 | 2024-05-08 - 2024-08-06 | 3 months | crt.sh |
www.rubyblu.com | R3 | 2024-05-22 - 2024-08-20 | 3 months | crt.sh |
*.w.org | Sectigo ECC Domain Validation Secure Server CA | 2023-12-18 - 2025-01-17 | a year | crt.sh |
*.event.prod.bidr.io | Amazon RSA 2048 M03 | 2023-11-28 - 2024-12-26 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://utahezpay.com/free-rate-analysis-thank-you/
Frame ID: 15E0E99EF9048384FFCF7599ECED223F
Requests: 41 HTTP requests in this frame
Frame:
https://client.consolto.com/expertWidget/wid/651e3484c0265923df5b7800
Frame ID: 234E89E61E9FFA494850E17C336F3CF4
Requests: 1 HTTP requests in this frame
Page Title
Thank You, Your Free Rate Analysis Is Heading Your Way - Utah EZ Pay
Page URL History
- https://www.freerateanalysis.com/ HTTP 301
- https://utahezpay.com/free-rate-analysis/ HTTP 301
- https://utahezpay.com/free-rate-analysis-thank-you/ Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
Yoast SEO (SEO)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
TrackJs (Analytics)
Detected patterns
- tracker\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Utah EZ Pay BBB Reviews
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.freerateanalysis.com/ HTTP 301
- https://utahezpay.com/free-rate-analysis/ HTTP 301
- https://utahezpay.com/free-rate-analysis-thank-you/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38
- https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=client.n47qy5dnxyzw HTTP 303
- https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=client.n47qy5dnxyzw&_bee_ppp=1
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | utahezpay.com/free-rate-analysis-thank-you/ (Redirect Chain) | 87 KB | 26 KB | Document | text/html |
GET | H2 | autoptimize_ce911d7220295b088de2e14f32ec64af.css | utahezpay.com/wp-content/cache/autoptimize/css/ | 240 KB | 35 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | utahezpay.com/wp-includes/js/jquery/ | 86 KB | 30 KB | Script | application/javascript |
GET | H2 | jquery-migrate.min.js | utahezpay.com/wp-includes/js/jquery/ | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | autoptimize_single_b05f10be5dc47940fc74ad56a9495aaf.js | utahezpay.com/wp-content/cache/autoptimize/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | autoptimize_single_7528d405618574126935b33521c7b857.js | utahezpay.com/wp-content/cache/autoptimize/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | cropped-Utah-EZ-Pay-Home-page-Banner-1-scaled-1.jpg | utahezpay.com/wp-content/uploads/2023/05/ | 142 KB | 142 KB | Image | image/jpeg |
GET | H2 | cropped-Utah-EZ-Pay-Logo-wh-bg.jpg | utahezpay.com/wp-content/uploads/2023/05/ | 24 KB | 24 KB | Image | image/jpeg |
GET | H2 | Nort-American-Bancard-Logos-768x195.jpg | utahezpay.com/wp-content/uploads/2023/01/ | 27 KB | 28 KB | Image | image/jpeg |
GET | H2 | Utah-EZ-Pay-Logo-footer.jpg | utahezpay.com/wp-content/uploads/2023/05/ | 57 KB | 57 KB | Image | image/jpeg |
GET | H2 | Google-Pay-Logo.png | utahezpay.com/wp-content/uploads/2023/06/ | 21 KB | 22 KB | Image | image/png |
GET | H2 | apple-pay-logo.jpeg | utahezpay.com/wp-content/uploads/2023/06/ | 20 KB | 21 KB | Image | image/jpeg |
GET | H2 | android-pay-logo.png | utahezpay.com/wp-content/uploads/2023/06/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | autoptimize_single_efc27e253fae1b7b891fb5a40e687768.js | utahezpay.com/wp-content/cache/autoptimize/js/ | 11 KB | 4 KB | Script | application/javascript |
GET | H2 | autoptimize_single_917602d642f84a211838f0c1757c4dc1.js | utahezpay.com/wp-content/cache/autoptimize/js/ | 13 KB | 4 KB | Script | application/javascript |
GET | H2 | blocks-frontend.min.js | utahezpay.com/wp-content/plugins/wp-munich-blocks/blocks/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | blocks-frontend.min.js | utahezpay.com/wp-content/plugins/wp-munich-blocks/blocks-professional/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | autoptimize_single_d45857185e4d727c4644f920fe3da019.js | utahezpay.com/wp-content/cache/autoptimize/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H3 | iframeApp.js | client.consolto.com/iframeApp/ | 8 KB | 3 KB | Script | text/javascript |
GET | BLOB | ea779021-a036-4532-bc5c-9b516edf87c1 | https://utahezpay.com/ | 1 KB | 0 | Other | text/javascript |
GET | H3 | DFPAudiencePixel;ord=1308508038164511;dc_seg=8085850928 | pubads.g.doubleclick.net/activity;dc_iu=/6686/ | 42 B | 63 B | Image | image/gif |
GET | H2 | clienttracker.js | static.rubyblu.com/ | 18 KB | 7 KB | Script | application/javascript |
GET | H3 | activity;xsp=5172528;ord=6664773441327287 | pubads.g.doubleclick.net/ | 42 B | 63 B | Image | image/gif |
GET | H2 | libre-franklin-latin-400-normal.woff2 | utahezpay.com/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | libre-franklin-latin-800-normal.woff2 | utahezpay.com/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | libre-franklin-latin-600-normal.woff2 | utahezpay.com/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | libre-franklin-latin-300-normal.woff2 | utahezpay.com/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | BBB-A-Logo-300x194.png | utahezpay.com/wp-content/uploads/2023/11/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | check | region-filter.rubyblu.com/ | 7 B | 201 B | Fetch | text/plain |
GET | H3 | 651e3484c0265923df5b7800 | client.consolto.com/expertWidget/wid/ (Frame 234E) | 0 | 0 | Document | text/html |
GET | H2 | wp-emoji-release.min.js | utahezpay.com/wp-includes/js/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | 1f3e1.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 1 KB | 930 B | Image | image/svg+xml |
GET | H2 | 1f340.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 1 KB | 885 B | Image | image/svg+xml |
GET | H2 | 1f4b3.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 1017 B | 880 B | Image | image/svg+xml |
GET | H2 | 1f469-200d-1f4bb.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 3 KB | 1 KB | Image | image/svg+xml |
GET | H2 | 1f3e6.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 878 B | 709 B | Image | image/svg+xml |
GET | H2 | 1f4de.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 391 B | 701 B | Image | image/svg+xml |
GET | H2 | 2b50.svg | s.w.org/images/core/emoji/15.0.3/svg/ | 554 B | 661 B | Image | image/svg+xml |
GET | H/1.1 | event-tags | api.rubyblu.com/ | 36 B | 505 B | Fetch | text/plain |
GET | H/1.1 | deseret | match.prod.bidr.io/cookie-sync/ (Redirect Chain) | 24 B | 24 B | Image | text/plain |
GET | H/1.1 | cnv | cnv.event.prod.bidr.io/log/ | 43 B | 560 B | Image | image/gif |
GET | H2 | cropped-Utah-EZ-Pay-Logo-MountainTransparent-BG-32x32.png | utahezpay.com/wp-content/uploads/2023/05/ | 663 B | 955 B | Other | image/png |
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| event object| fence object| sharedStorage object| _wpemojiSettings undefined| $ function| jQuery object| twentyseventeenScreenReaderText object| rubyBluScript object| rubyblu object| regeneratorRuntime object| rubyBluClientPageData function| isRubyBluDebug function| setupRubyBlu object| swv object| wpcf7 boolean| consolto object| element object| profileName string| widgetId object| accId string| test string| pluginType object| multiWidget object| body string| fullPath function| triggerConsoltoAction object| twemoji object| wp object| eventSrc
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.utahezpay.com/ | | Name: bluSiteUserID Value: client.n47qy5dnxyzw |
.bidr.io/ | | Name: bito Value: AAD_iE7NBvQAABW3baBBgA |
.bidr.io/ | | Name: bitoIsSecure Value: ok |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.